A informação abaixo indicada destina-se às situações de exercício de funções em Instituição Significativa, de acordo com qualificação do Banco Central Europeu (BCE) nos termos do disposto no n.º 1 do artigo 49.º do Regulamento (UE) n.º 468/2014 do Banco Central Europeu (BCE/2014/17).
13.1 Purpose and legal basis for the processing of personal data in the context of the fit and proper procedure
The safety and soundness of a credit institution depend on the availability of appropriate internal organisational structures and corporate governance arrangements. Council Regulation (EU) No 1024/2013 (SSM Regulation)21 confers specific tasks on the European Central Bank (ECB) concerning policies relating to the prudential supervision of credit institutions on the basis of Article 127(6) of the Treaty on the Functioning of the European Union (TFEU)22.
For prudential supervisory purposes, the ECB is entrusted with the tasks in relation to credit institutions established in the participating Member States referred to in Article 4, within the framework of Article 6, of the SSM Regulation.
According to Article 4(1)(e) of the SSM Regulation, the ECB is to ensure compliance with the acts of the relevant Union law which impose requirements on credit institutions to have in place robust governance arrangements, including the fit and proper requirements for the persons responsible for the management of credit
institutions. For the purpose of carrying out its tasks pursuant to Article 16(2)(m) of the SSM Regulation, the ECB
also has the supervisory power to remove at any time members of the management body of credit institutions who do not fulfil the requirements set out in the acts of the relevant Union law. Article 91(1) of CRD IV and transposing national law provides that members of the management body must at all times be of sufficiently good repute and possess sufficient knowledge, skills and experience to perform their duties. Within the procedures for the supervision of significant supervised entities, Articles 93 and 94 of Regulation (EU) No 468/2014 (SSM Framework Regulation)2311 lay down the procedural rules for the assessment by the ECB of the compliance with the fit and proper requirements of persons responsible for managing credit institutions. To ensure that fit and proper requirements are met at all times, in accordance with Article 94(2) of the SSM
21 Council Regulation (EU) No 1024/2013 of 15 October 2013 conferring specific tasks on the European Central Bank concerning policies relating to the prudential supervision of credit institutions, OJ L 287, 29.10.2013, p. 63.
22 Consolidated version of the Treaty on the Functioning of the European Union, OJ C 326, 26.10.2012, p. 47.
23 Regulation (EU) No 468/2014 of the European Central Bank of 16 April 2014 establishing the framework for cooperation within the Single Supervisory Mechanism between the European Central Bank and national competent authorities and with national designated authorities, OJ L 141, 14.5.2014, p. 1.
Framework Regulation the ECB may initiate a new assessment if it becomes aware of any new facts that may have an impact on the initial assessment of the relevant member of the management body.
13.2 Disclosure of personal data
All of the personal data requested are necessary to carry out the fit and proper assessment of members of management bodies of existing significant supervised entities. If these data are not provided, the ECB cannot assess whether the board member concerned complies with the fit and proper requirements in order to ensure that credit institutions have in place robust governance arrangements. Therefore, it will reject the appointment or request the dismissal of the board member concerned on that basis.
13.3 Recipients or categories of recipients of the personal data
In the fit and proper procedure the personal data may be disclosed, on a need-to-know basis, to the staff of the NCAs, the Joint Supervisory Teams (ECB Directorate General – Micro-Prudential Supervision I or II), ECB Directorate General – Micro-Prudential Supervision IV (Authorisation Division), ECB Directorate General Legal Services (Supervisory Law Division), the Secretariat of the Supervisory Board and the members of the Supervisory Board and of the Governing Council of the ECB.
13.4 Applicable retention period
The ECB is required to store personal data regarding fit and proper applications/notifications for a period of fifteen years: from the date of application or notification if withdrawn before a formal decision is reached; from the date of a negative decision; or from the date the data subjects cease to be members of the management bodies of the supervised entity in the case of a positive ECB decision. In the case of reassessment based on new facts, the ECB is required to store personal data for fifteen years from the date of its decision. In the case of initiated administrative or judicial proceedings, the retention period will be extended and end one year after these proceedings are sanctioned by a decision that has acquired the authority of a final decision.
13.5 Applicable data protection framework and data controller
Regulation (EC) No 45/200124 is applicable to the processing of personal data by the ECB. For the purposes of Regulation (EC) No 45/2001, the ECB will be the data controller.
13.6 Data subject rights
In accordance with Article 9 of Decision ECB/2007/125, the data subjects of the processing of personal data by the ECB for the above-mentioned prudential supervisory purposes have access rights to and the right to rectify the data concerning them.
24 Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, OJ L 8, 12.1.2001, p. 1.
25 Decision of the ECB of 17 April 2007 adopting implementing rules concerning data protection at the ECB (ECB/2007/1), OJ L 116, 4.5.2007, p. 64.
13.7 Point of contact
If you have queries or complaints regarding this processing operation, you can contact the Data Controller at Authorisation@ecb.europa.eu, and/or the National Competent Authority at supervisao.prudencial@bportugal.pt.
Data subjects also have the right of recourse at any time to the European Data Protection Supervisor: https://secure.edps.europa.eu/EDPSWEB/edps/lang/en/EDPS.
13.8 Acknowledgment of the Privacy Statement
This Privacy Statement sets out the legal basis and details for the processing of personal data by the ECB. The ECB is required to process personal data in respect of any application in order to assess the suitability of the appointee for the position.
With the submission of the completed form you acknowledge that you have read and understand this Privacy Statement.
INDICAÇÕES DE PREENCHIMENTO